Vulnerabilities > SAP > UI > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-11-13 CVE-2019-0388 Authentication Bypass by Spoofing vulnerability in SAP UI
SAP UI5 HTTP Handler (corrected in SAP_UI versions 7.5, 7.51, 7.52, 7.53, 7.54 and SAP UI_700 version 2.0) allows an attacker to manipulate content due to insufficient URL validation.
network
low complexity
sap CWE-290
5.0
2018-06-12 CVE-2018-2428 Unspecified vulnerability in SAP Infrastructure and UI
Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted.
network
low complexity
sap
5.0
2018-06-12 CVE-2018-2424 Improper Input Validation vulnerability in SAP products
SAP UI5 did not validate user input before adding it to the DOM structure.
network
low complexity
sap CWE-20
5.0